CVE-2026-30789 - RustDesk Client Generates Auth Proof Without Client-Side Nonce, Enabling Replay ...

CVE ID : CVE-2026-30789 Published : March 5, 2026, 4:16 p.m. | 1 hour, 20 minutes ago Description : Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction. This issue affects RustDesk Client: through 1.4.5. Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...